DHCP authorization scenario
DHCP authorization is used in BNG L2-connected IPoE. This term assumes authorization by the DHCP Discover message from the subscriber. This scenario is discussed in detail in BNG Call Flows.
The client’s DHCP exchange with the server is shown in the diagram.
After authorization, the client receives an IP address for the lease-time period and after half the time sends a DHCP request in order to extend the lease of the allocated IP address, and expects a DHCP ACK.
But there is a scenario when the subscriber needs to be reauthorized, and this is done only by the DHCP Discover message. This is where the unique feature of the BNG Stingray SG is used: we can accept a CoA Disconnect (PoD – Packet of Disconnect) from the Radius server and respond to the client’s next request for the lease renewal with DHCP NAK (NAK means Not Acknowledged).
Where does that get us?
The use of NAK DHCP speeds up reauthorization by exactly 2 times and does not require the router reboot, as, for example, with Nokia BNG, where there is no way to process DHCP requests after receiving CoA.
How does NAK DHCP affect an ISP’s business process?
Firstly, the NAK response accelerates the application of tariff options directly to the client’s equipment. The client waits less, which means their loyalty rises. The change is usually required at the most crucial moment, when the client has just paid for the service and they urgently need the Internet.
Secondly, the use of NAK DHCP responses reduces the cost of connecting new users, because the time of a specialist at the facility is expensive, and spending it waiting on the technical support line means a loss for the company. The standard algorithm of the client’s initial connection assumes that they get into a domain with limited rights, where after authentication they can reauthorize and get on the Internet. Stingray SG reduces the waiting time by half, which will allow one specialist to connect more subscribers.
Also, do not miss the algorithm when we do not interrupt the current session, but only pass attributes that have been changed. This option is called Full CoA or simply CoA.
What is Full CoA used for?
It is actively used by ISPs where it is not necessary to change the IP address during reauthorization. It is enough to change the parameters of the current session. An example is the connection of a service like “Turbo Button” mode, which increases the connection speed for a certain time interval.